Email Alert: How to Spot and Avoid Phishing Attacks

Two weeks ago, the WannaCry cyberattack hit more than 300,000 computers in more than 150 countries. This global "ransomware" attack disrupted factories, hospitals, shops, and schools. Wannacry did not discriminate much in its targets. In the past, I've written about the importance of locking down your passwords. My goal today is to educate and inform so that you can better protect yourself.

What is Ransomware?

In a ransomware attack, victims will open an email addressed to them and may click on an attachment that appears legitimate, like an invoice or fax, but that actually contains malicious ransomware code. Or the email may include a legitimate looking website link (URL), but when the victim clicks on it, the link directs to a website that infects the computer with malicious software. In turn, the malware encrypts files and folders on local drives, any attached drives, backup drives, and even other computers on the same network. Users are often not aware of a problem until they realize they can no longer access their data or they receive a message advising them of the attack along with demands for a ransom payment in exchange for a decryption key. Also included is a time limit: Pay up soon or the files are gone forever.

Ransomware on the Rise

Since 2014 the varieties of ransomware have more than tripled. (Internet Security Threat Report by Symantec)

CryptoWall, a particularly nasty strain of ransomware, netted at least $18m for cyber-crooks in 2015. (FBI)

Hackers are also getting greedier: the average haul from a ransomware attack has gone up from $373 per victim in 2014 to $1,077 in 2016.

Be Careful with Email

Email is still the #1 source of identity theft. Therefore, be sure not to leave sensitive documents or communications containing account numbers, passwords, or social security numbers lingering in your inbox. In fact, I suggest never emailing your social security number. Also, be wary of links that you receive via emails. Before clicking on a link, be sure that the entire web address is recognizable prior to clicking to avoid visits to fraudulent domains. This is actually easier said, than done. For an example. read on below.

What Kind of Idiot Gets Phished?

This is the title of the episode #97 of ReplyAll and a good follow-up to episode #91 The Russian Passenger that I also wrote about. Phia Bennin conducted an experiment on her co-workers to discover who is susceptible to a phishing attack. The conclusion was that it's not just insanely, gullible luddites who can fall victim but even smart, tech savvy people! We are all targets. Nobody is safe.

In the show, Phia has digital forensic expert Daniel Boteanu perform a phishing test on her colleagues at Gimlet Media. Frighteningly, Daniel started his test on a Monday morning and had gained control of an employee's email by 6 PM that day!

Keep Your Guard Up and Eyes Open

How did Daniel do it? He bought the domain gimletrnedia.com so he could impersonate actual Gimlet employees. Notice that the r + n looks like an m! He emailed legitimate looking attachments like invoices or audio files that when clicked prompted users to re-enter their Gmail credentials. If they did so, they were hacked!

I received emails from Apple ID "Receipt Invoices" that made it appear that I've made an iTunes purchase. There is a PDF file attached. >> This attachment either has malware or will prompt me to enter my Apple username and password.

There is an email from Apple Support that claims someone in Ecuador has attempted to access my account so I should update my information immediately.>> This email contains a link to applestore-icloud.com that will attempt to collect my username and password. Obviously, this is not an Apple website.

I received an email from Microsoft alerting me that my inbox exceeded the quota and needed to be upgraded. It went on, "To continue using your mailbox, Please upgrade to your extra 15GB plan with just a single click without any charges." Seemingly harmless right?>> Do not click links without first looking at the email address of the sender (not a legitimate Microsoft address) or web address of the link (also not Microsoft!)

Take your time and be thorough when reading through your emails. If something does not look or feel right, do not give anything sender or link the benefit of the doubt. Hackers prey on the fact that we are busy, in a rush, and may have our guard down. Be aware and be safe!!!

Please remember that past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Runnymede Capital Management, Inc.-"Runnymede"), or any non-investment related content, made reference to directly or indirectly in this blog will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this blog serves as the receipt of, or as a substitute for, personalized investment advice from Runnymede. Please remember that if you are a Runnymede client, it remains your responsibility to advise Runnymede, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. To the extent that a reader has any questions regarding the applicability of any specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing. Runnymede is neither a law firm nor a certified public accounting firm and no portion of the blog content should be construed as legal or accounting advice. A copy of the Runnymede's current written disclosure Brochure discussing our advisory services and fees is available for review upon request. Please Note: Runnymede does not make any representations or warranties as to the accuracy, timeliness, suitability, completeness, or relevance of any information prepared by any unaffiliated third party, whether linked to Runnymede's web site or blog or incorporated herein, and takes no responsibility for any such content. All such information is provided solely for convenience purposes only and all users thereof should be guided accordingly.